Information Security Lead

Job Location:  901 S. Bolmar Street, Suite G, West Chester, PA 19382 and various unanticipated worksites in U.S.

Primary Duties:

Manage the monitoring and analysis of network traffic using tools such as Security Information and Event Management systems to detect and respond to security incidents.  Provide authentication and authorization to specific user profiles, external profiles, and service accounts/non-human accounts.  Lead the performance of vulnerability scans and assessments to identify and address potential security weaknesses across systems and networks.  Manage user/service accounts, changing the rules/permissions by using the UNIX commands, providing SUDO access based on user requirements, and forcing the server to change the rules.  Handle incident tickets, provide Multi-Factor Authentication (MFA) and resolve incident tickets with agreed SLA (Service-Level Agreement) and perform root cause analysis for the technical incidents and ensure no redundancy for such incidents.  Lead deployments of security tools and infrastructure and document internal security processes and procedures.  Review and analyze security logs from multiple sources, including network devices, servers, and applications, to identify abnormal patterns or potential threats.  Create Standard Operational Procedures (SOP) when new processes/procedures are implemented and design interactive process flows to train the internal project team.  Lead the development, implementation, and testing of security protocols, disaster recovery plans, and incident response strategies.  Guide the internal project team to streamline the process of resolving issues and ensure the expected support/communication with end-users and clients.  This position supervises 8 New Era employees whose job titles are Intern, Security Analyst, Junior Security Engineer, and Associate Software Engineer.  100% telecommuting is permitted from home office per company policy to support New Era offices or clients located throughout the United States.

Requirements

Education:  Bachelor’s degree (or foreign educational equivalent) in Computer Science, Information Technology or a closely related technical field plus at least 5 years of post-degree, progressive experience in each of the below items; OR, alternatively,

A Master’s degree (or foreign educational equivalent) in Computer Science, Information Technology or a closely related technical field plus at least 2 years of experience, gained at any time, in each of the below items.

Experience:  Depending on the degree held, must have at least 5 years or 2 years of experience as described above in each of the following:

• Working with large-scale projects, security solutions, and enterprise systems deployments;
• Designing, configuring, and managing information security controls around infrastructure, data, and networks;
• Securing cloud environments (such as AWS, Azure, Google Cloud) including configuration of cloud-native security tools, access controls, and data protection strategies;
• Automating routine security tasks such as log parsing, vulnerability scans, and patch management with scripting languages (such as Python, Bash, PowerShell);
• Configuring firewalls and VPNs to protect network boundaries; and
• Managing Oracle systems including Oracle Identity Management, Oracle E-Business Suite, Oracle Identity System Administration, and Oracle Data Integrator.
  
  

#LI-DNI